CVE-2025-58741 HIGH

CVE-2025-58741: Insecure Masked Credential Fields Enable Database Credential Access in Milner ImageDirector Capture

Vendor Milner
Product ImageDirector Capture
Weakness CWE-522 · Insufficiently protected credentials
Published January 20, 2026
Last update January 21, 2026

CVSS base score

8.5/10
Attack vector Local
Attack complexity Low
Privileges required Low
User interaction None
Confidentiality
Integrity

CVSS vector

CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:L/VA:H/SC:H/SI:H/SA:H

What the vulnerability does

01Description

Insufficiently Protected Credentials vulnerability in the Credential Field of Milner ImageDirector Capture allows retrieval of credential material and enables database access.This issue affects ImageDirector Capture: from 7.0.9 through 7.6.3.25808.

Key dates

02Disclosure timeline

January 20, 2026 CVE published
January 21, 2026 Record updated